Spending Your Budget on the Right Security Tools

 
 
By Karen A. Frenkel  |  Posted 10-23-2017 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Spending Your Budget on the Right Security Tools
    Next

    Spending Your Budget on the Right Security Tools

    The cost of cyber-crime increases, yet firms still misdirect their priorities by spending on ineffective security tools instead of investing in new technologies.
  • Previous
    Successful Breaches Per Company
    Next

    Successful Breaches Per Company

    Successful breaches per company have risen 27% annually, from an average of 102 to 130. Ransomware attacks alone have doubled from 13% to 27%.
  • Previous
    Information Loss Was Largest
    Next

    Information Loss Was Largest

    Information loss represented the largest cost component, rising from 35% in 2015 to 43% in 2017.
  • Previous
    Spending Too Much On Wrong Tech
    Next

    Spending Too Much On Wrong Tech

    Of nine security technologies, five had a negative value gap: The percentage spending level was higher than the relative value to the business. Advanced perimeter controls: -4, Extensive use of data loss prevention: -4, Deployment of governance, risk, compliance: -3, Extensive deployment of encryption: -2, Automated policy management: -1
  • Previous
    Technologies That Help
    Next

    Technologies That Help

    Three technologies had positive rank ordering by spending levels and cost savings. Security intelligence systems: +6, Use of cyber-analytics and user behavior analytics: +5, Automation, orchestration and machine learning: +3, Advanced identity and access governance: =
  • Previous
    Widely Deployed Security Tech
    Next

    Widely Deployed Security Tech

    The two most widely deployed security technologies are security intelligence systems (67%) and advanced identity and access governance (63%). They deliver cost savings of $2.8 million and $2.4 million, respectively.
  • Previous
    No Fast Tracks
    Next

    No Fast Tracks

    Spending on governance, risk and compliance technologies and automated policy management is not a fast track to increased security. They showed the lowest effectiveness in reducing cyber-crime costs (9% and 7%, respectively) out of nine security technologies.
  • Previous
    Focus on Tech Innovations
    Next

    Focus on Tech Innovations

    Innovative technologies are generating the highest ROIs, yet investment in them is low. Cyber-analytics and user behavior analytics, as well as automation orchestration and machine learning ranked lowest for deployment (32% and 28%, respectively), but they provide the third and fourth highest cost savings.
  • Previous
    Recommendation
    Next

    Recommendation

    Build cyber-security on a strong foundation. Invest in security intelligence and advanced access management, and recognize the need to innovate.
  • Previous
    Recommendation
    Next

    Recommendation

    Perform extreme pressure testing. Don't rely on compliance alone to enhance your security profile. Use extreme pressure testing to identify even the most highly motivated attacker.
  • Previous
    Recommendation
    Next

    Recommendation

    Invest in innovation. Balance investments in analytics and artificial intelligence to enhance program effectiveness and scale value.
 

Companies worldwide are hemorrhaging money as a result of cyber-attacks and misdirected investments in inefficient and ineffective security capabilities, according to a new report. These companies are losing as much is $11.7 million per business annually. That's an increase of 62 percent in five years and $2.4 million per incident, according to the research report published by Accenture and the Ponemon Institute. The report, "2017 Cost of Cyber-Crime Study," found that the number of cyber-attacks has shown "no sign of slowing down" since 2009. "As this research shows, making wise investments in innovation can certainly help make a significant difference when cyber-criminals strike," said Kelly Bissell, managing director of Accenture Security. "Keeping pace with these more sophisticated and highly motivated attacks demands that organizations adopt a dynamic, nimble security strategy that builds resilience from the inside out—versus only focusing on the perimeter—with an industry-specific approach that protects the entire value chain, end to end." The report surveyed 2,182 security and IT professionals over a 10-month period in 254 organizations in Australia, France, Germany, Italy, Japan, the United Kingdom and the United States.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register